• Home
  • Articles
  • HCNA-Security H12-711 Dumps Updated Nov 15, 2021 - VCETorrent [Q24-Q46]

HCNA-Security H12-711 Dumps Updated Nov 15, 2021 - VCETorrent [Q24-Q46]

Share

HCNA-Security H12-711 Dumps | Updated  Nov 15, 2021 - VCETorrent

Master 2021 Latest The Questions HCNA-Security and Pass H12-711  Real Exam!

NEW QUESTION 24
Which of the following are the necessary configurations of IPSec VPN? (Multiple Choice)

  • A. Configure IKE SA related parameters
  • B. Configuring IPSec SA related parameters
  • C. Configure the stream of interest
  • D. Configuring IKE neighbors

Answer: A,B,C,D

 

NEW QUESTION 25
Which ofthe following are core elements ofthe IATF (InformationAssurance Technology Framework) model?
(Multiple choice)

  • A. person
  • B. Environment
  • C. Operation
  • D. Technology

Answer: A,C,D

 

NEW QUESTION 26
In some scenarios, it is necessary to convert the source IP address and the destination IP address. Which of the following techniques is used in the scenario?

  • A. Two-way NAT
  • B. NAT ALG
  • C. NAT-Server
  • D. Source NAT

Answer: A

 

NEW QUESTION 27
Which of the following options does not include the respondents in the questionnaire for safety assessment?

  • A. Security administrator
  • B. Technical leader
  • C. Network System Administrator
  • D. HR

Answer: D

 

NEW QUESTION 28
HTTP packets are carried by UDP, and the HTTPS protocol is based on TCP three-way handshake. Therefore, HTTPS is relatively secure, and HTTPS is recommended.

  • A. True
  • B. False

Answer: B

 

NEW QUESTION 29
Which of the following description is wrong about the Internet users and VPN access user authentication?

  • A. After the VPN access user passes the authentication, it will be online on the user online list.
  • B. The local authentication or server authentication process is basically the same for the Internet users. The authentication is performed on the user through the authentication domain.
  • C. The Internet user andthe VPN access user share data, and the users attribute check (user status, account expiration time, etc.) also takes effect on the VPN access.
  • D. After the VPN user accesses the network, it can access the network resources of the enterprise headquarters. The firewall can control the accessible network resources based on theuser name.

Answer: A

 

NEW QUESTION 30
Which of the following is not a hash algorithm?

  • A. SHA2
  • B. SHA1
  • C. MD5
  • D. SM1

Answer: D

 

NEW QUESTION 31
Winch of the following is the encryption technology used in digital envelopes?

  • A. Symmetric encryption algorithm
  • B. Asymmetric encryption algorithm

Answer: B

 

NEW QUESTION 32
Against IP Spoofing,which of the following description is wrong?

  • A. IP spoofing is to use the hosts' normal trust relationship based on the IP address to launch it
  • B. An attacker would need to cisguise the source IP addresses as trusted hosts, and send the data segment with the SYN flag request for connection
  • C. Af-.er IP spoofing attack is successful, the attacker can use forged any IP address to imitate legitimate hast to access to critical information

Answer: C

 

NEW QUESTION 33
Which of the following descriptions are correct about the buffer overflow attack? (Multiple Choice)

  • A. Buffer overflow attacks are not related to operating system vulnerabilities and architectures
  • B. Buffer overflow attack belongs to application layer attack behavior
  • C. Buffer overflow attacks are the most common method of attacking software systems
  • D. Buffer overflow attack is the use of software system for memory operation defects, running attack code with high operation authority

Answer: B,C,D

 

NEW QUESTION 34
Which of the following options are correct about the control actions permit and deny of the firewall interzone forwarding security policy? (Multiple Choice)

  • A. The packet is matched immediately after the inter-domain security policy deny action, and the other interzone security policy will not be executed.
  • B. The action of the firewall default security policy is deny.
  • C. Even if the packet matches the permit action of the security policy, it will not necessarily be forwarded by the firewall.
  • D. Whether the message matches the permit action of the security policy or the deny action, the message will be processed by the UTM module.

Answer: A,B,C

 

NEW QUESTION 35
Caesar Code is primarily used to encrypt data by using a stick of a specific specification

  • A. True
  • B. False

Answer: B

 

NEW QUESTION 36
Regarding the relationship and role of VRRP/VGMP/HRP, which of the following statements are correct? (Multiple choice)

  • A. HRP is responsible for data backup during hot standby operation.
  • B. VGMP is responsible for monitoring equipment failures and controlling fast switching of equipment.
  • C. VGMP group in the active state may include the VRRP group in the standby state.
  • D. VRRP is responsible for sending free ARP to direct traffic to the new primary device during active/standby switchover.

Answer: A,B,D

 

NEW QUESTION 37
When configuring NAT Server on the LSG series firewall, the server-map table will be generated. Which of the following does not belong in the table?

  • A. Agreement number
  • B. Source IP
  • C. Destination IP
  • D. Destination port

Answer: B

 

NEW QUESTION 38
Intrusion Prevention System (IPS) is a defense system that can block in real time when an intrusion is discovered

  • A. True
  • B. False

Answer: A

 

NEW QUESTION 39
Which of the following is wrong about the management of Internet users?

  • A. Each user belongs to at least one user group, also can belong to multiple user groups
  • B. Each user group can include multiple users and user groups
  • C. The system has a default user group by default, which is also the system default authentication domain.
  • D. Each user group can belong to multiple user groups

Answer: D

 

NEW QUESTION 40
Which of the following io true about the description of the firewall?

  • A. Depending on the usage scenario, the firewall can be deployed in transparent moce or deployed in a three bedroom mode.
  • B. Adding a firewall to the network will inevitably change the :opology of the network.
  • C. The firewall cannot transparently access the network.
  • D. In order to avoid single point of faiure. the firewall only supports side-by-side deplcyment.

Answer: A

 

NEW QUESTION 41
In the Client-Initiated VPN configuration, generally it is recommended to plan the address pool and the headquarters of the network address for the different network segments, or need to open proxy forwarding on the gateway device.

  • A. True
  • B. False

Answer: A

 

NEW QUESTION 42
Which of the following descriptions about the action and security profile of the security policy are correct? (Multiple choice)

  • A. The security profile may not be applied to the security policy that the action is allowed and take effect.
  • B. If the action of the security policy is "prohibited", the device will discard this traffic, and then no content security check will be performed.
  • C. The security profile must be applied to the security policy that is allowed to take effect.
  • D. If the security policy action is "Allow", the traffic will not match the security profile.

Answer: B,C

 

NEW QUESTION 43
Which of the following can be supported by Policy Center access control? (Choose three.)

  • A. Hardware SACG (hardware security access control gateway)
  • B. Software SACG (host firewall)
  • C. ARP control
  • D. 802.1X

Answer: A,B,D

 

NEW QUESTION 44
Which ofthe following types are included in Huawei firewall user management? (Multiple Choice)

  • A. Access user management
  • B. Internet user management
  • C. Device User Management
  • D. Administrator User Management

Answer: A,B,D

 

NEW QUESTION 45
Which of the following are correct about configuring the firewall security zone?(Multiple Choice)

  • A. Firewall can have 12 security zones at most.
  • B. The firewall can create two security zones of the same priority
  • C. When data flows between different security zones, the device security check is triggered and the corresponding security policy is implemented
  • D. The firewall has four security zones by default, and the four security zone priorities do not support modification.

Answer: C,D

 

NEW QUESTION 46
......

A fully updated 2021 H12-711 Exam Dumps exam guide from training expert VCETorrent: https://www.vcetorrent.com/H12-711-valid-vce-torrent.html

Practice To H12-711 - VCETorrent Remarkable Practice On your HCIA-Security V3.0 Exam: https://drive.google.com/open?id=1CnUXBhaMjwOsexXwBybvi6S1udGQHi4m

Related Articles

more
Huawei H12-711 Certification Practice Exam

Contact Us

Our Working Time: ( GMT 0:00-15:00 )   From Monday to Saturday

Contact now

Our high-quality valid VCE PDF materials & dumps torrent files guarantee you pass exam 100% for sure. Our reliable exam torrent will be the best help for your exams and will give you a new start, a new life.

Disclaimer:
VCETorrent doesn't offer Real Lenovo Exam Questions.
VCETorrent does not offer exam dumps or questions from actual exams. We offer learning material and practice tests created by subject matter experts to assist and help learners prepare for those exams. All certification brands used on the website are owned by the respective brand owners. VCETorrent does not own or claim any ownership on any of the brands.

Copyright © 2026 VCETorrent NETWORK CO.,LIMITED. All Rights Reserved. All trademarks used are properties of their respective owners. Privacy Policy